Is your Android phone hiding security updates from you?

2fuploads%2fvideo uploaders%2fdistribution thumb%2fimage%2f85462%2f15e3d997 7fbc 4477 8039 27eea2294326

Researcher Karsten Nohl said, "We find that there's a gap between patching claims and the actual patches installed on a device".

Over 1200 random devices were tested, and several devices were found to be lacking multiple security updates, which is critical for the phone's security, making it vulnerable to multiple hacks.

If we talk about smartphone processors, Taiwan's MediaTek company topped the chart on missing the patches. "And it's time to start verifying vendor claims about the security of our devices", SRL writes.

This morning, a report came out explaining that a research firm discovered some Android OEMs were lying to customers about their device's current security patch.

What's The Story Of Android's Security Patches All About?

Xiaomi, Nokia, HTC, Motorola and LG all made the list, as well, while TCL and ZTE fared the worst in the study, with, on average, not having installed more than four of the patches they claimed to have installed on a given device.

Device fragmentation has always been a challenge for Google when releasing updates for its Android platform, which is by far and away the most popular mobile software on the planet.

Article 62 verdict same as Nawaz's trial court case: Marriyum Aurangzeb
Sharif, 68, a three-time former prime minister, was disqualified and removed from office previous year on corruption allegations against his family.

LA prosecutors review 1992 allegation of sexual assault against Kevin Spacey
Rapp accused Spacey of making a pass at him when he was 14 years old during a party at Spacey's NY apartment in 1986. The nature and origin of the sexual assault accusation was not disclosed.

David: Severe weather threat possible
Saturday: A chance of snow before 11am, then a chance of rain and snow between 11am and 2pm, then a chance of rain after 2pm. We're expecting wind gusts near 50 miles per hour across the plains and even gustier in the northern Front Range mountains.

Android has consistently struggled to get smartphone manufacturers and carriers to push out security-focused updates on a regular basis, but this new research reveals the extent to which major brands have fallen behind. More disturbingly, they found out that manufacturers also tell users that their phone's firmware is fully up to date, even while they've skipped patches. "Probably for marketing reasons, they just set the patch level to nearly an arbitrary date, whatever looks best", Nohl is quoted as saying. At times it was found that vendors didn't even install a single patch, but only changed the date of the update by forwarding it by several months. Compared to flagships, cheaper phones are found to be skipping more patches, which also tend to use cheaper chips.

The AI butler that is programmed inside Android 8.1 Oreo has gone through great lengths in improving its services but a bug has prevented it from executing one particular task - playing a song from your Google Music library.

ZTE and TCL are among the worst offenders, followed by HTC, LG, Motorola, and Huawei.

Nohl said that this "deliberate deception" wasn't as common as vendors simply forgetting to update their devices.

Google told Wired, "some of the devices SRL analyzed may not have been Android certified devices, meaning they're not held to Google's standards of security". Other protections include app sandboxing, Google Play Protect, and the Android ecosystem's diversity.

While criminals typically rely on social engineering to attempt to steal data from users, through malicious apps and the like, state-sponsored actors are more likely to exploit missed patches as part of their attacks using previously unknown methods, the researchers say.

Related:

Comments

Latest news

'Newton' director hopes National Award win creates more space for political cinema
Actors Fahadh Faasil, Indrans, Parvathy, Suraj Venjarammoodu are competing with their best onscreen performances. The 65 National Film Awards will be announced on Friday by the jury headed by renowned filmmaker Shekhar Kapur .

Identity of Ohio's 'Buckskin Girl' finally discovered 37 years later
Speaking Wednesday, Miami County Sheriff Steve Lord said he has been in touch with the victim's family, who have been cooperative. King's killer has never been found, but authorities say the case will move forward now that the victim has been identified.

Ripple Invests $25M in Blockchain Capital's Latest Fund
In the case of Coinbase, Ripple said it was willing to pay $100 million worth of XRP to start letting users trade the asset. The native currency of San Francisco- based company's public Ripple Consensus Ledger [RCL] is XRP token.

Modi to Protest Parliament Disruption With April 12 Fast
India, with its leadership in information technology domain, would strive to use this technology tilt to its advantage, he said. In May 2014, the total number of defence export permission granted stood at 118, for a total value of 577 million dollars.

Apparently high-definition vinyl is coming next year
The technique redefines the entire process of record production, from mastering the audio to stamping the vinyl . Rebeat Innovation has secured nearly $5 million for HD vinyl , which could store more music at louder volumes.

NHRC slaps notices on Centre, Telangana on sexual harassment in films
Thursday took suo motu cognisance of media reports about the alleged sexual exploitation of women in the Telugu film industry. It also announced setting up of a Committee Against Sexual Harassment which would meet once in three months.

Drake donates $5000 to Ninja for winning game
At the same time, the in-game Fortnite emotes allude to pop culture references already, including Turk's dancing from Scrubs . Austin Wood is a freelance writer for IGN.

Israel summons Irish ambassador over Dublin mayor's visit
The Jewish Representative Council of Ireland also denounced Mr Mac Donncha's attendance at a conference in Israel. Israel's interior ministry and strategic affairs ministry blamed each other for the mix-up, it said.

Track and Field Gears Up For Benedictine Relays
I think weather has been our biggest limiting factor at this point in the season and has prevented us from practicing outdoors. Rogers and the DLBLC Lakers play at Herb Parker Stadium at 8 a.m. on Tuesday, so she'll be waking up in Plaza at 5 a.m.

Mayor Kenney visits Meek Mill in prison
Atlanta rapper T.I. and hip-hop producer Pete Rock went to Instagram to geek followers up about Meek possibly getting out. We're told Hizzoner believes the rapper could better serve the community outside prison. "He's an fantastic young ma".

Epic Games Offering Some Free Items Due To Fortnite Server Outages
To stay up to date on the status of the game, Epic Games advises players to keep checking the Fornite server status page here. According to the company's Twitter account , there's no estimated time as to when the Fortnite servers will be back online.

After Criticism of Amazon, Pres. Trump Orders Examination of USPS Finances
But the USPS does not receive money from the federal government for its operating costs, as Trump's statement may have suggested. Postal Service has indeed lost money for years, but package delivery has actually been a bright spot for the service.

Skripals were poisoned by high-purity novichok, watchdog confirms
In an executive summary made public at Britain's request, it said "the toxic chemical was of high purity " but did not name it. Yulia Skripal, 33, was released from the hospital earlier this week and transferred to an undisclosed "secure location".

Angelina Jolie has been ranked the most admired woman in the world
But U.S President Donald Trump, a professed admirer of Putin and other strongman types, doesn't crack the top 10. Former President Barack Obama is more admired than President Trump in every country except Russian Federation .

Amazon Completes Acquisition Of Video Doorbell Maker Ring
At the end of February Amazon announced the company had acquired smart home device manufacturer Ring for $1 billion Dollars . To celebrate the acquisition , Amazon and Ring have dropped the price of the popular Ring Video Doorbell to just $99.99.

Other news